CVE-2025-40160

EPSS 0.03%
Veröffentlicht 12.11.2025 10:24:36
Zuletzt bearbeitet 12.11.2025 16:19:12
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

xen/events: Return -EEXIST for bound VIRQs

Change find_virq() to return -EEXIST when a VIRQ is bound to a
different CPU than the one passed in.  With that, remove the BUG_ON()
from bind_virq_to_irq() to propogate the error upwards.

Some VIRQs are per-cpu, but others are per-domain or global.  Those must
be bound to CPU0 and can then migrate elsewhere.  The lookup for
per-domain and global will probably fail when migrated off CPU 0,
especially when the current CPU is tracked.  This now returns -EEXIST
instead of BUG_ON().

A second call to bind a per-domain or global VIRQ is not expected, but
make it non-fatal to avoid trying to look up the irq, since we don't
know which per_cpu(virq_to_irq) it will be in.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 612ef6056855c0aacb9b25d1d853c435754483f7

Version 62cc5fc7b2e0218144e162afb8191db9b924b5e6

Status affected

Version < a1e7f07ae6b594f1ba5be46c6125b43bc505c5aa

Version 62cc5fc7b2e0218144e162afb8191db9b924b5e6

Status affected

Version < f81db055a793eca9d05f79658ff62adafb41d664

Version 62cc5fc7b2e0218144e162afb8191db9b924b5e6

Status affected

Version < 07ce121d93a5e5fb2440a24da3dbf408fcee978e

Version 62cc5fc7b2e0218144e162afb8191db9b924b5e6

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.2

Status affected

Version < 3.2

Version 0

Status unaffected

Version <= 6.6.*

Version 6.6.113

Status unaffected

Version <= 6.12.*

Version 6.12.54

Status unaffected

Version <= 6.17.*

Version 6.17.4

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.067

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/612ef6056855c0aacb9b25d1d853c435754483f7

https://git.kernel.org/stable/c/a1e7f07ae6b594f1ba5be46c6125b43bc505c5aa

https://git.kernel.org/stable/c/f81db055a793eca9d05f79658ff62adafb41d664

https://git.kernel.org/stable/c/07ce121d93a5e5fb2440a24da3dbf408fcee978e

https://nvd.nist.gov/vuln/detail/CVE-2025-40160

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40160

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40160

EUVD